Hey, so I setup a Fedora VM which has Wayland natively by default. I ensured Wayland was being used by command line.
With Wayland, I ran firefox and hit share screen on Jitsi chat... and it can still see the other windows.. for example a password manager.
I disagree with every point made.
1) lastpass is online & propritary. we're talking about offline. as opposed to what, you writing by hand long complex passwords?
2) Firejail doesn't isolate firefox as just demonstrated in this thread right before
3) Snap is a weak sandbox. Even weaker than...
Hey kc1, I like your other posts on this forum and have no hard feelings.. so I disagree from a purely debate/idea perspective...
Qubes is based on a Xen hypervisor. The only reason the link you gave says "Fedora-based" is because by default the virtual machines that it creates are Fedora...
Yes I agree that Qubes OS is the answer to this problem. Qubes isn't a Linux distro though. My original post was asking "Is it true that Linux distros are deeply flawed?"
If I put firefox in firejail with these restrictions:
firejail firefox --secomp --nonewprivs --private --tmp
It can still share screen to visually see a KeePass XC password manager.
Thanks for your reply. Do you know how Firejail is better or worse than bubblewrap? I heard bubblewrap is better as far as escape prevention, but didn't know firejail provides more GUI isolation?
Snowden approved Qubes which launches a Whonix or Kicksecure Virtual machine. This isn't a "Linux distro" because the base is a Xen hypervisor. And even if Debian was the base, the VM provides the GUI isolation, not Linux
Hi pleasure to be here. I have 2 part question for you all,
So I heard that Linux has no GUI isolation!
In other words, each program can see the others. For example if I have firefox open with a malicious Javascript website and a GUI password manager, that website can literally see what the...